Bitcoin exchange Mt. Gox has shared more details about the issues that have led to it filing for bankruptcy protection just as malware peddlers have started taking advantage of affected users' desperation and desire to recover their lost bitcoins.

The exchange has published an announcement regarding the bankruptcy application with the Tokyo District Court, in which it is explained that its liabilities exceed its assets, and that this situation may be linked to a loss of bitcoins and customer funds:

At the start of February 2014, illegal access through the abuse of a bug in the bitcoin system resulted in an increase in incomplete bitcoin transfer transactions and we discovered that there was a possibility that bitcoins had been illicitly moved through the abuse of this bug.

As a result of our internal investigation, we found that a large amount of bitcoins had disappeared. Although the complete extent is not yet known, we found that approximately 750,000 bitcoins deposited by users and approximately 100,000 bitcoins belonging to us had disappeared.

We believe that there is a high probability that these bitcoins were stolen as a result of an abuse of this bug and we have asked an expert to look at the possibility of a criminal complaint and undertake proper procedures.

On the same day (24th), we found out large discrepancies between the amount of cash held in financial institutions and the amount deposited from our users. The amounts are still under investigation and may vary but they approximate JPY 2.8 billion.

We are investigating the causes of these problems. Since there are probably a variety of causes including hacking by third parties, we need to investigate a huge amount of transaction reports in order to establish the truth. As of this date, we cannot confirm the exact amount of missing deposit funds and the total amount of bitcoins which disappeared.

Once we discovered that bitcoins had disappeared and the discrepancies between cash funds and deposit balances, we judged that it would be difficult to continue our activities normally and we therefore closed our site at noon on the 25th (Japan time).

They have also applied for permission to "rebuild" Mt. Gox "under the supervision of the court in a legally organized procedure," so that they could repay the debts to the affected users, who are invited to contact a newly established call center if they have any questions.

In the meantime, scams offering hope of a return of the stolen bitcoins but delivering malware have surfaced.

Malwarebytes' Chris Boyd warns about such a scam that urges users to watch a video that apparently explains that "Mt. Gox will return all the lost Bitcoins."

But, they are prompted to download Adobe Flash Player in order to be able to watch it.

Unfortunately for them, the offered software is a malicious executable wrapped in a .rar file. The nature of the malware in question is still unknown, but there can be no doubt that it will bring only grief to the already miserable users.

Spotlight

35 percent of employees would sell information on company patents, financial records and customer credit card details if the price was right. This illustrates the growing importance for organizations to deploy data loss prevention strategies.

Sun Tzu's writings have been studied throughout the ages by professional militaries and can used to not only answer the question of whether or not we are in a cyberwar, but how one can fight a cyber-battle.

Infosec consultant Paul Moore came up with a working solution to thwart a type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM.

There is still way too much apathy when it comes to data-centric security. Given the sensitive data the OPM was tasked with protecting, it should have had state-of-the-art data protection, but instead it has become the poster child for IT security neglect.